Splitting IT department

Summary:I have a conundrum regarding splitting the IT department for the company into three, as the company has grown and now being formed into a group of companies with subsidiaries. The recommendation is to split and replicate the IT infrastructure for the HQ and the three subsidiaries. What kind of solution is recommended to control the security aspects for all of the three subs from the HQ? We think that there should be some sort of control to manage from the HQ or at least to monitor to make sure everyone is following the practices outlined by the group.

Full Article:Disclaimer: Contents are not reviewed for correctness and are not endorsed or recommended by Toolbox for IT or any vendor. Popular Q&A contents include summarized information from Checkpoint-L discussion unless otherwise noted.

Use some form of delegation. It is possible and advantageous to restrict each subsidiary to control only its domain, while maintaining overall (enterprise-level) control at HQ. A combination of restricted passwords and subnet (DNS control) can be used to restrict and define the realms/domains which lower IT department is able to control.

The details will depend largely on the OS being used, as well as how much autonomy is needed. This may essentially be more of a political issue rather than one driven strictly by asking and answering the question of "Can it be done". You need to spend some time defining exactly what you want to do, then approach the mechanics of how to accomplish it. You will need allies in upper management, since this could directly affect any "empire building" which may actually be driving the project.

Disclaimer: Contents are not reviewed for correctness and are not endorsed or recommended by Toolbox.com or any vendor.